<?php
/**
 * Created by PhpStorm.
 * User: Administrator
 * Date: 2018/12/18
 * Time: 16:00
 */
require 'config.php';
switch (@$_GET['a']){
    case 'login':

        if(!empty($_POST['uname']) && !empty($_POST['pwd'])){
            $uname = $_POST['uname'];
            $pwd = $_POST['pwd'];
            $sql = "select * from user where userName='{$uname}' and password='{$pwd}' and status=1 and auth <2";
            $result = mysqli_query($link,$sql);
            $rows = mysqli_fetch_assoc($result);
            $id = $rows['id'];
            if ($rows){

                if ($rows['auth'] ==1 ){
                    setcookie('auth1','会员用户',time()+3600,'/');
                    setcookie('uname1',$uname,time()+3600*24,'/');
                    setcookie('id1',$id,time()+3600*24,'/');
                    echo "<script>alert('登录成功');window.location.href='../index.php';</script>";die;
                }elseif ($rows['auth'] ==0) {
                    setcookie('auth1','普通用户',time()+3600*24,'/');
                    setcookie('uname1',$uname,time()+3600,'/');
                    setcookie('id1',$id,time()+3600*24,'/');
                    echo "<script>alert('登录成功');window.location.href='../index.php';</script>";die;
                }
            }else{
                echo "<script>alert('用户名不存在');window.location.href='../index.php';</script>";die;
            }
        }else{
            echo "<script>alert('内容不能为空');window.location.href='../index.php';</script>";die;
        }
        break;
    case 'exit':
        $time = date('Y-m-d H:i:s');
        $uname = $_COOKIE['uname'];
        $sql ="update user set lastlogin = '{$time}' where userName = '{$uname}'";
        mysqli_query($link,$sql);
        if (mysqli_affected_rows($link)>0){
            setcookie('uname1','',time()-1,'/');
            setcookie('auth1','',time()-1,'/');
            setcookie('id1','',time()-1,'/');
            echo "<script>alert('退出成功');window.location.href='../index.php';</script>";die;
        }
        mysqli_close($link);
        break;
    case 'update':
        if (!empty($_POST['nickName']&&!empty($_POST['num'])&&!empty($_POST['jiao']))){
            $id = $_POST['id'];
            @$uname = $_POST['uname'];
            @$nickName = $_POST['nickName'];
            @$email = $_POST['email'];
            @$qq = $_POST['qq'];
            @$age = $_POST['age'];
            @$sex = $_POST['sex'];
            @$num = $_POST['num'];
            @$work = $_POST['work'];
            @$jiao = $_POST['jiao'];
            $sql = "update userdetail set uid=$id,nickName='$nickName',email='$email',qq='$qq',age='$age',sex='$sex',num='$num',work='$work',content='$jiao'where uid = $id";
            mysqli_query($link,$sql);
            if (mysqli_affected_rows($link)>0){
                echo "<script>alert('保存成功');window.location.href='./update.php';</script>";die;
            }else{
                echo "<script>alert('你没有改东西');window.location.href='./update.php';</script>";die;
            }

        }else{
            echo "<script>alert('内容不能为空');window.location.href='./update.php';</script>";die;
        }
        break;
    case 'upload':
        require 'functions.php';
        if (!empty($_FILES)){
            $ufile = $_FILES;
            $id = $_POST['id'];
            $new_name = getUploads($_FILES,'./images');
            $path = dirname($new_name);
            $name = basename($new_name);
            $path1 = $path.'/'.$name;
            $type = array('image/png','image/jpeg','image/gif');
            $sql = "update userdetail set photo = '$path1' where uid = $id ";
            mysqli_query($link,$sql);
            if (mysqli_affected_rows($link)>0){
                mysqli_close($link);
                if(getImages($path,$name,$type,150)){
                    echo "<script>alert('添加成功');window.location.href='update.php'</script>";die;
                }
            }else{
                echo "<script>alert('添加失败');window.location.href='update.php';</script>";die;
            }
        }else{
            echo "<script>alert('内容不能为空');window.location.href='./update.php';</script>";die;
        }
        break;
    case 'upwd':
        if (!empty($_POST['oldpwd'])){
            $name = $_POST['name'];
            $oldpwd = $_POST['oldpwd'];
            $newpwd = $_POST['newpwd'];
            $newpwd1 = $_POST['newpwd2'];
            $sql ="select * from user where userName = '$name'";
            $result = mysqli_query($link,$sql);
            $rows = mysqli_fetch_assoc($result);
            $pwd = $rows['password'];
            if ($oldpwd == $pwd){
                  if ($newpwd == $newpwd1){
                      echo "<script>alert('修改成功');window.location.href='./update.php';</script>";die;
                  }else{
                      echo "<script>alert('两次密码错误');window.location.href='./update.php';</script>";die;
                  }
            }else{
                echo "<script>alert('旧密码错误');window.location.href='./update.php';</script>";die;
            }
            mysqli_free_result($result);
            mysqli_close($link);
        }else{
            echo "<script>alert('旧密码不能为空');window.location.href='./update.php';</script>";die;
        }
        break;
}
